
CCFR CCFR-201b Passing Score

Page: 9 / 15
Total 199 questions

CrowdStrike Certified Falcon Responder Questions and Answers

Question 33

Filtering is essential for managing a high volume of alerts. Which of the following filters is available by default within the 'Endpoint Detections' dashboard to help narrow down specific threats?

Options:

A. Triggering File

B. Hardware BIOS Version

C. Local Subnet Mask

D. Sensor Update Policy Name

Question 34

From a detection, what is the fastest way to see children and sibling process information?

Options:

A. Select the Event Search option. Then from the Event Actions, select Show Associated Event Data (From TargetProcessId_decimal)

B. Select Full Detection Details from the detection

C. Right-click the process and select "Follow Process Chain"

D. Select the Process Timeline feature, enter the AID, Target Process ID, and Parent Process ID

Question 35

You are tasked with remediating adware for a host using a custom script via Real Time Response (RTR). When running the script, you get an error that the script is timing out.

How can you resolve this issue?

Options:

A. Set the -timeout argument to off

B. Set the -timeout argument to a longer period

C. Rerun the script

D. Change the timeout policy in the console settings

Question 36

While quarantined files stay on the local host for 30 days by default, how many days does a quarantined file remain stored in the CrowdStrike Cloud?

Options:

A. 30 days

B. 60 days

C. 90 days

D. 180 days
